Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 52.15.241.87
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
nehu /
hdfc /
[ HOME SHELL ]
Name
Size
Permission
Action
Crypto.php
1.99
KB
-rwxr-xr-x
HDFCAPI.php
2.42
KB
-rw-r--r--
Status_API_NEW.php
16.35
KB
-rw-r--r--
ccavRequestHandler.php
6.35
KB
-rwxr-xr-x
ccavRequestHandler.php~
978
B
-rwxr-xr-x
ccavRequestHandler_bf_exam_200...
3.51
KB
-rwxr-xr-x
ccavResponseHandler.php
19.83
KB
-rwxr-xr-x
ccavResponseHandler.php~
1.41
KB
-rwxr-xr-x
ccavResponseHandler_bf_exam_20...
9.82
KB
-rwxr-xr-x
ccavResponseHandler_new.php
1.46
KB
-rwxr-xr-x
ccavStatusAPI.php
221
B
-rw-r--r--
dataFrom.htm
19.25
KB
-rwxr-xr-x
dataFrom.htm~
19.01
KB
-rwxr-xr-x
exam_hdfc_order_api.php
22.84
KB
-rwxr-xr-x
exam_hdfc_order_api2.php
12.95
KB
-rw-r--r--
from.html
644
B
-rwxr-xr-x
hdfc_order_api.php
2.77
KB
-rwxr-xr-x
hdfc_req.php
3.38
KB
-rwxr-xr-x
jquery-1.7.2.min.js
92.62
KB
-rwxr-xr-x
json.js
3.27
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : Status_API_NEW.php
<?php ini_set('display_errors', 'On'); error_reporting(E_ALL); ini_set('max_execution_time', 300); ini_set("memory_limit","500M"); include ("/var/www/config.php"); error_reporting(0); $working_key = 'A09AC9FE6C4F6291596D0195E51A0556'; //Shared by CCAVENUES $access_code = 'AVQP87GI58AJ95PQJA'; $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $dbname = 'logisys3_sikkim'; $pconn = new mysqli($servername,$username,$password,$dbname); if(!$pconn) { die("Connection failed: " . mysqli_connect_error()); } $query = "select p.ftype, p.appno, p.fregno, p.forderid, p.fstatus3 as fstatus, p.fpaygateway, date_format(p.fcreatedate,'%d-%m-%Y') as fcreatedate, DATE_SUB(now(), interval 15 MINUTE) from (select appno from appcandsum where ifnull(fackdate,'') = '' and ifnull(fpaymentstatus,'') <> 'success') a inner join pgdet p on a.appno = p.appno and ifnull(p.fstatus3,'') <> 'SHIPPED' and fpaygateway = 'hdfc' and p.fcreatedate < DATE_SUB(now(), interval '30:0' MINUTE_SECOND)"; $res_rv=$pconn->query($query); if (mysqli_num_rows($res_rv) > 0) { while (@ob_end_flush()); while($txn = mysqli_fetch_assoc($res_rv)) { $forderid = @$txn['forderid']; $fcreatedate = @$txn['fcreatedate']; $productinfo = ''; $status = ''; $merchant_json_data = array( 'order_no' => $forderid, 'reference_no' =>'', 'order_email' =>'', 'order_bill_tel' =>'', 'order_country' =>'', 'from_date' =>$fcreatedate, 'to_date' =>'', 'order_max_amount' =>'', 'order_min_amount' =>'', 'order_fraud_status' =>'', 'order_currency' =>'', 'order_type' =>'', 'order_payment_type' =>'', 'page_number' =>'', ); $merchant_data = json_encode($merchant_json_data); $encrypted_data = encrypt($merchant_data, $working_key); $final_data = 'enc_request='.$encrypted_data.'&access_code='.$access_code.'&request_type=JSON&response_type=JSON&command=orderLookup&version=1.2'; //var_dump($final_data); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://api.ccavenue.com/apis/servlet/DoWebTrans"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_HTTPHEADER,'Content-Type: application/json') ; curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $final_data); // Get server response ... $result = curl_exec($ch); curl_close($ch); $status = ''; $information = explode('&', $result); $dataSize = sizeof($information); for ($i = 0; $i < $dataSize; $i++) { $info_value = explode('=', $information[$i]); if ($info_value[0] == 'enc_response') { $status = decrypt(trim($info_value[1]), $working_key); $obj = json_decode($status,true); $arrycnt = $obj['order_Status_List']; for($i = 0;$i<=count($arrycnt);$i++) { $productinfo = $arrycnt[$i]['merchant_param3']; $regno = $arrycnt[$i]['merchant_param2']; $txnid = $arrycnt[$i]['reference_no']; $date = $arrycnt[$i]['ship_date_time'];; $status = $arrycnt[$i]['order_status']; $update_pg="update pgdet set ftxnid = '{$txnid}', fstatus3 = '{$status}', fupddate2 = now() where appno = '{$productinfo}' and forderid = '{$forderid}' and ftype = 'exam'"; $result_pg=$pconn->query($update_pg); if(strtoupper($status) == 'SHIPPED') { $firstname = "HDFC-ORDER-API-NEW"; $update="update appcandsum set FPAYMENTREMARKS='{$txnid}',FPAYMENTSTATUS='success', FPAYMENTCONFIRM='success',FACKDATE='{$date}',FACKUSER='{$firstname}', fremarks = '{$firstname}', FPAYGATEWAY = '{$firstname}', frecptdate = '{$date}' where APPNO='{$productinfo}'"; $result=$pconn->query($update); $get_app_cand_det="SELECT c.FDEGREE,c.FEXAMNO,c.FCOLLCODE,ifnull(c.FFRESHEXAM,'') as FFRESHEXAM, c.FREGNO,c.FYEAR,c.FEXAMTYPE,'' as message FROM appcandsum c WHERE c.APPNO='{$productinfo}'"; $result = $pconn->query($get_app_cand_det); if (mysqli_num_rows($result) > 0) { while($row = mysqli_fetch_assoc($result)) { $collcode = $row['FCOLLCODE']; $degree = $row['FDEGREE']; $regno = $row['FREGNO']; $text = $row['message']; $FFRESHEXAM = $row['FFRESHEXAM']; } } $update_cand_sum = "UPDATE (SELECT c.FDEGREE AS fdegree, c.FREGNO AS fregno, c.FCOLLCODE AS fcollcode, sum(ifnull(c.FEXAMFEEA,0)) AS fexamfeea, sum(ifnull(c.FEXAMFEEB,0)) AS fexamfeeb, sum(ifnull(c.FEXAMFEEC,0)) AS fexamfeec, sum(ifnull(c.FEXAMFEED,0)) AS fexamfeed, sum(ifnull(c.FEXAMFEEE,0)) AS fexamfeee, sum(ifnull(c.FEXAMFEEF,0)) AS fexamfeef, sum(ifnull(c.FEXAMFEEG,0)) AS fexamfeeg, sum(ifnull(c.FEXAMFEEH,0)) AS fexamfeeh, sum(ifnull(c.FEXAMFEEI,0)) AS fexamfeei, sum(ifnull(c.FEXAMFEEJ,0)) AS fexamfeej, sum(ifnull(c.FTOTALFEE,0)) AS ftotalfee, FRECPTDATEA, FRECPTDATEB, FRECPTDATEC, FRECPTDATED, FRECPTDATEE, FRECPTDATEF, FRECPTDATEG, FRECPTDATEH, FRECPTDATEI, FRECPTDATEJ FROM appcandsum c where ((c.FPAYMENTSTATUS = 'success') and (ifnull(c.FTOTALFEE,0) > 0) and (ifnull(c.FRECPTDATE,'') <> '')) and c.fregno = '{$regno}' group by c.FDEGREE,c.FREGNO,c.FCOLLCODE) a,candsum c SET c.FEXAMFEEA = a.FEXAMFEEA, c.FEXAMFEEB = a.FEXAMFEEB, c.FEXAMFEEC = a.FEXAMFEEC, c.FEXAMFEED = a.FEXAMFEED, c.FEXAMFEEE = a.FEXAMFEEE, c.FEXAMFEEF = a.FEXAMFEEF, c.FEXAMFEEG = a.FEXAMFEEG, c.FEXAMFEEH = a.FEXAMFEEH, c.FEXAMFEEI = a.FEXAMFEEI, c.FEXAMFEEJ = a.FEXAMFEEJ, c.FTOTALFEE = a.FTOTALFEE, c.FRECPTDATEA = a.FRECPTDATEA, c.FRECPTDATEB = a.FRECPTDATEB, c.FRECPTDATEC = a.FRECPTDATEC, c.FRECPTDATED = a.FRECPTDATED, c.FRECPTDATEE = a.FRECPTDATEE, c.FRECPTDATEF = a.FRECPTDATEF, c.FRECPTDATEG = a.FRECPTDATEG, c.FRECPTDATEH = a.FRECPTDATEH, c.FRECPTDATEI = a.FRECPTDATEI, c.FRECPTDATEJ = a.FRECPTDATEJ, c.frecptdate = '{$date}' WHERE a.fregno=c.FREGNO AND c.fregno = '{$regno}'"; $result = $pconn->query($update_cand_sum); $update_caste = "update candsum c, student s set c.fcategory = s.fcaste, c.ffeetype = if(ifnull(c.fconstype,'0123456789') <> '0123456789', 'Low Income', 'Normal Fee') where s.fregno = c.fregno and s.fregno = '{$regno}'"; $result = $pconn->query($update_caste); $update_cand_appCand = "update canddet c, appcanddet t set c.finserted = t.finserted, c.fpresent = t.fpresent where c.fdegree = t.fdegree and c.fexamno = t.fexamno and c.fregno = t.fregno and c.fsubcode = t.fsubcode and c.fdegree = '{$degree}' and c.fregno = '{$regno}' and t.APPNO='{$productinfo}' and ifnull(c.fpresent,'') <> 'P'"; $result = $pconn->query($update_cand_appCand); $insert_canddet ="insert into canddet(fdegree,FEXAMNO, FCOLLCODE, FREGNO, FSUBCODE, FINSERTED, FPRESENT, FYEAR, FEXAMTYPE) select fdegree, FEXAMNO, FCOLLCODE,FREGNO, FSUBCODE,FINSERTED, FPRESENT, FYEAR,FEXAMTYPE from appcanddet where fregno = '{$regno}' and appno ='{$productinfo}' and CONCAT(fdegree,fexamno,fregno,fsubcode) not in(select CONCAT(fdegree,fexamno,fregno,fsubcode) from canddet where fregno = '{$regno}') "; $result = $pconn->query($insert_canddet); $update_studfee = "update studfee s, (select a.appno, a.fregno, a.fdegree, a.fexamno, a.fcollcode, a.ffeecode, sum(a.famount) as famount, a.fyear, a.fexamtype, a.flogdate from appstudfee a inner join appcandsum b on a.fregno = b.fregno and a.appno = b.appno where ifnull(b.fpaymentstatus,'') = 'success' and ifnull(fackdate,'') <> '' and b.fregno = '{$regno}' group by a.fdegree, a.fexamno, a.fcollcode, a.fregno, a.ffeecode) a set s.famount = a.famount, s.flogdate = a.flogdate, s.fyear = a.fyear, s.fexamtype = a.fexamtype where s.fdegree = a.fdegree and s.fexamno = a.fexamno and s.fregno = a.fregno and s.ffeecode = a.ffeecode and s.fregno = '{$regno}'"; $result = $pconn->query($update_studfee); $insert_studfee = "insert into studfee(fdegree,fexamno,fcollcode,fregno,ffeecode,famount,flogdate,fyear,fexamtype) select fdegree,fexamno,fcollcode,fregno,ffeecode,famount,flogdate,fyear,fexamtype from appstudfee where fregno = '{$regno}' and appno ='{$productinfo}' and CONCAT(fdegree,fexamno,fregno,ffeecode) not in(select CONCAT(fdegree,fexamno,fregno,ffeecode) from studfee where fdegree = '{$degree}' and fregno = '{$regno}')"; $result = $pconn->query($insert_studfee); $query = "select fdegree,fexamno,fcollcode,fregno,ffeecode,famount,flogdate,fyear,fexamtype from appstudfee where fregno = '{$regno}' and appno ='{$productinfo}' and ffeecode = '02 Provisional Certificate'"; $result1 = $pconn->query($query); if(mysqli_num_rows($result1) > 0) { $query = "INSERT INTO studmiscfee (fdescpn, fregno,fremamount, forderid, fpaymentype, fpaymentstatus, fpaydate, FPAYMENTREMARKS)VALUES('PPC Fee', '{$regno}', '100', '{$txnid}', 'hdfc', 'success', now(),'{$txnid}')"; $result2 = $pconn->query($query); } } //echo "ADM :- AppNo: $productinfo ---OrderID: $forderid ---Status: $status --Reason : $status<br/>"; flush(); } } } } } $query = "select p.ftype, p.appno, p.fregno, p.forderid, p.fstatus3 as fstatus, p.fpaygateway, date_format(p.fcreatedate,'%d-%m-%Y') as fcreatedate, DATE_SUB(now(), interval 15 MINUTE) from (select appno from res_stud where ifnull(fpaymentstatus,'') <> 'success') a inner join pgdet p on a.appno = p.appno and ifnull(p.fstatus3,'') <> 'SHIPPED' and ifnull(p.fstatus3,'') <> 'Unsuccessful' and ifnull(p.fstatus3,'') <> 'Initiated' and ifnull(p.fstatus3,'') <> 'Aborted' and fpaygateway = 'hdfc' and p.fcreatedate < DATE_SUB(now(), interval '20:0' MINUTE_SECOND)"; $res_adm = $pconn->query($query); if (mysqli_num_rows($res_adm) > 0) { while (@ob_end_flush()); while($txn = mysqli_fetch_assoc($res_rv)) { $forderid = @$txn['forderid']; $fcreatedate = @$txn['fcreatedate']; $productinfo = ''; $status = ''; $merchant_json_data = array( 'order_no' => $forderid, 'reference_no' =>'', 'order_email' =>'', 'order_bill_tel' =>'', 'order_country' =>'', 'from_date' =>$fcreatedate, 'to_date' =>'', 'order_max_amount' =>'', 'order_min_amount' =>'', 'order_fraud_status' =>'', 'order_currency' =>'', 'order_type' =>'', 'order_payment_type' =>'', 'page_number' =>'', ); $merchant_data = json_encode($merchant_json_data); $encrypted_data = encrypt($merchant_data, $working_key); $final_data = 'enc_request='.$encrypted_data.'&access_code='.$access_code.'&request_type=JSON&response_type=JSON&command=orderLookup&version=1.2'; //var_dump($final_data); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://api.ccavenue.com/apis/servlet/DoWebTrans"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_HTTPHEADER,'Content-Type: application/json') ; curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $final_data); // Get server response ... $result = curl_exec($ch); curl_close($ch); $status = ''; $information = explode('&', $result); $dataSize = sizeof($information); for ($i = 0; $i < $dataSize; $i++) { $info_value = explode('=', $information[$i]); if ($info_value[0] == 'enc_response') { $status = decrypt(trim($info_value[1]), $working_key); $obj = json_decode($status,true); $arrycnt = $obj['order_Status_List']; for($i = 0;$i<=count($arrycnt);$i++) { $productinfo = $arrycnt[$i]['merchant_param3']; $regno = $arrycnt[$i]['merchant_param2']; $txnid = $arrycnt[$i]['reference_no']; $date = $arrycnt[$i]['ship_date_time'];; $status = $arrycnt[$i]['order_status']; $firstname = "HDFC-ORDER-API-NEW"; $update_pg="update pgdet set ftxnid = '{$txnid}', fstatus3 = '{$status}', fupddate2 = now() where appno = '{$productinfo}' and forderid = '{$forderid}'"; $result_pg=$pconn->query($update_pg); $update="update res_stud set FPAYMENTREMARKS='{$txnid}',FPAYMENTSTATUS='success', FPAYMENTCONFIRM='success', fackdate = '{$date}', funivrecdate = '{$date}', fackuser = '{$firstname}', FCHALLANNO = '{$txnid}' where APPNO='{$productinfo}'"; $result=$pconn->query($update); } } } } } ?> <?php //ADD NEW ENCRYPT Function function encrypt($plainText,$key) { $key = hextobin(md5($key)); $initVector = pack("C*", 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f); $openMode = openssl_encrypt($plainText, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $initVector); $encryptedText = bin2hex($openMode); return $encryptedText; } function decrypt($encryptedText,$key) { $key = hextobin(md5($key)); $initVector = pack("C*", 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f); $encryptedText = hextobin($encryptedText); $decryptedText = openssl_decrypt($encryptedText, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $initVector); return $decryptedText; } //*********** Padding Function ********************* function pkcs5_pad ($plainText, $blockSize) { $pad = $blockSize - (strlen($plainText) % $blockSize); return $plainText . str_repeat(chr($pad), $pad); } //********** Hexadecimal to Binary function for php 4.0 version ******** function hextobin($hexString) { $length = strlen($hexString); $binString=""; $count=0; while($count<$length) { $subString =substr($hexString,$count,2); $packedString = pack("H*",$subString); if ($count==0) { $binString=$packedString; } else { $binString.=$packedString; } $count+=2; } return $binString; } ?>
Close
